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Amendments to the Claims 

The listing of claims will replace all prior versions, and listings of claims in the 
application. 



electronic data te-bv a controller associated with the secured electronic data; 

comparing, at the controller, one or more attributes of the access candidate with 
one or more access requirements associated with the secured electronic data; 

submitting, by the controller, a request for authorization to a resolution authority 
when the in response to a comparison that indicates that access by the access candidate is 
prohibited without authorization; and 

granting the access candidate access to the secured electronic data when if the 
resolution authority provides authorization for such access. 

2. (currently amended) The method as in Claim 1, further comprising fee 
step-ef granting the access cemdidate access to the secured electronic data when th e in 
response to a comparison that indicates that access by the access candidate is not 
prohibited. 

3. (currently amended) The method as in Claim 2, further comprising the 
step-ef denying the access candidate access to the secured electronic data when if the 
resolution authority denies authorization. 



1. 



(currently amended) A method for providing an access candidate access 



to secured electronic data, the method comprisin g th e st e ps of : 




-receiving a request for access candidate access to the secured 
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4. (original) The method as in Claim 1, wherein one or more access 
requirements are represented as part of a graphical display associated with the access 
candidate and accessed for display to the controller via a network. 

5. (original) The method as in Claim 1, wherein one or more access 
requirements are related to at least one of a citizenship status of the access candidate and 
a current location of the access candidate. 

6. (original) The method as in Claim 5, wherein one or more attributes 
of the access candidate relates to at least one of a citizenship status of the access 
candidate and a current location of the access candidate. 

7. (currently amended) In a data security system having a first security 
level securing one or more resources for manipulating electronic data and a second 
security level securing access to the electronic data by the one or more resources, a 
method for providing an access candidate access to the electronic data, the method 
comprising the st e ps of : 

submitting r eceiving a request for access to the first security level; 

granting the access candidate access to the first security level wben -in response to 
a comparison of one or more attributes of the access candidate with one or more access 
requirements associated with the first security level that indicates that access to the first 
security level by the access candidate is not prohibited; 
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-receiving a request for access to the second security level; 



submitting a request for authorization to a resolution authority wfeen -in response 
to a conaparison of one or more attributes of the access candidate with one or more 
access requirements associated with the second security level that indicates that access to 
the second security level by the access candidate is prohibited without authorization; and 

granting the access candidate access to the second security level should if the 
resolution authority provide authorization. 

8. (currently amended) The method as in Claim 7, further comprising the 
st e p of granting the access c^didate access to the second security level wh e n th e i n 
response to a comparison of one or more attributes of the access candidate with one or 
more access requirements associated with the second security level that i ndicates that 
access to the second security level by the access candidate is not prohibited. 

9. (currently amended) The method as in Claim 7, further comprising fee 
st e p of denying the access candidate access to the second security level ¥»4ieH-if the 
resolution authority denies authorization. 

10. (original) The method as in Claim 7, wherein one or more attributes 
of the access candidate are represented as part of a graphical display associated with the 
access candidate and accessed for display via a network. 
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1 1 . (original) The method as in Claim 7, wherein one or more access 
requirements associated with the first security level relates to at least one of: a valid data 
access agreement with the access cmdidate; a current location of the access candidate; 
and a citizenship status of the access candidate. 

12. (original) The method as in Claim 1 1, wherein one or more attributes 
of the access candidate relates to at leeist one of: the existence of a data access agreement; 
a current location of the access candidate; and a citizenship status of the access 
candidate. 

13. (original) The method as in Claim 7, wherein one or more access 
requirements associated with the second security level relates to at least one of a current 
location of the access candidate and a citizenship status of the access candidate. 

14. (original) The method as in Claim 7, wherein at least one of the 
request for access to the first security level and the request for access to the second 
security level is submitted by one or more sponsors. 

15. (currently amended) In a data security system having a first security 
level securing one or more resources for manipulating electronic data and a second 
security level securing the electronic data, a method for providing an access candidate 
access to the electronic data, the method comprising th e st e ps of : 

identifying a plurality of data subsets of the electronic data; 
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determining, for each data subset, at least one data class associated with the data 
subset, the at least one data class identifying at least a citizenship requirennient and a 
location requirement for access to data associated with the data class; 

s ubmitting, by r eceiving, from a first sponsor of the access candidate, a request 
for access to the first security level, the request including an indication of a citizenship 
status of the access candidate, an indication of a current location of the access candidate, 
and an indication of an existence of a data access agreement with the access candidate; 

granting the access candidate access to the first security level based at least in 
part on an evaluation of the request for access to the first level; 



for access to at least one data subset at the second security level when in resr)onse to an 
indication that access to the first security level has been granted, the request for access to 
the at least one data subset including an indication of a citizenship status of the access 
candidate and an indication of a current location of the access candidate; 

submitting a request for authorization to a resolution authority when -in response 
to a comparison of the citizenship status and the current location of the access candidate 
with the respective citizenship requirement and location requirement of the at least one 
data class of the requested data subset that indicates that access to a requested data subset 
at the second level by the access candidate is prohibited without authorization; and 

granting the access candidate access to the requested at least one data subset at 
the second security level when if.the resolution authority provides authorization upon 
receipt of the request for authorization. 




-receiving, from a second sponsor of the access candidate, a request 
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16. (currently amended) A system for providing an access candidate access 
to secured electronic data, the system comprising: 

storage adapted to receive and store the electronic data; 

one or more resources adapted to access and manipulate the electronic data; 

means for evaluating a request for access candidate access to the one or more 
resources the evaluation of the request including a first comparison of one or more 
attributes of the access candidate with one or more access requirements associated with 
the one or more resources; 

means for granting the access candidate access to the one or more resources when 
if the first comparison indicates that access is not prohibited; 

means for evaluating a request for access candidate access to the electronic data 
by the one or more resources, the evaluation of the request including a second 
comparison of one or more attributes of the access candidate with one or more access 
reqmrements associated with the electronic data; 

means for submitting a request for authorization to a resolution authority when if 
the second comparison indicates that access to the electronic data by the access candidate 
is prohibited without authorization; and 

means for granting the access candidate access to the electronic data using the 
one or more resources when if the resolution authority provides authorization. 

17. (currently amended) The system as in Claim 16, further comprising 
means for granting the access candidate access to the electronic data using the one or 
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more resources when if the second comparison indicates that access to the electronic data 

by the access candidate is not prohibited. 

18. (currently amended) The system as in Claim 16, wherein the access 
candidate is denied access to the electronic data wh e n if the resolution authority denies 
authorization. 

19. (original) The system as in Claim 16, wherein one or more access 
candidate attributes are represented as part of a graphical display associated with the 
access candidate and accessed for display via a network. 

20. (original) The system as in Claim 16, wherein one or more access 
requirements associated with the one or more resources relates to at least one of: a valid 
data access agreement with a potential access candidate; a current location of the 
potential access candidate; and a citizenship status of the potential access candidate. 

21 . (original) The system as in Claim 20, wherein one or more access 
candidate attributes relates to at least one of: an indication an existence of a data access 
agreement with the access candidate; a current location of the access candidate; and a 
citizenship status of the access candidate. 
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22. 



(original) 



The system as in Claim 16, wherein one or more access 



requirements associated with the electronic data includes at least one of a current 
location of the access candidate £uid a citizenship status of the access candidate. 

23. (currently amended) A system for providing an access candidate access 
to secured electronic data, the electronic data being associated with one or more data 
classes, each data class identifying at least a citizenship requirement and a location 
requirement for access to data associated with the data class, the system comprising: 

storage adapted to receive and store the electronic data; 

one or more resources adapted to process and manipulate the electronic data; 

a resource access controller adapted to grant access to the one or more resources 
based at least in part on a comparison of a citizenship status and a current location of the 
access candidate and an existence of a data access agreement with a citizenship 
requirement, location requirement and data access agreement requirement associated 
with the one or more resources; 

one or more data access controllers adapted to grant access to a corresponding 
portion of the electronic data based at least in part on a comparison of a citizenship status 
and a current location of the access candidate with a citizenship requirement and a 
location requirement associated with one or more data classes of the corresponding 
portion of the electronic data; 

one or more resolution authorities adapted to authorize access to one or more 
portions of the electronic data when -in response to a comparison performed by a 
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corresponding data access controller that indicates access is prohibited without 

authorization; and 

a data access module adapted to: 

evaluate a request for access to one or more portions of the electronic data by the 
one or more resources to identify one or more data access controllers corresponding to 
the one or more portions of the electronic data; and 

forward the request for access to the one or more identified data access 
controllers for evaluation as to whether to grant the access candidate access to the 
corresponding one or more portions of the electronic data. 

24. (currently amended) A method for determining an access candidate's 
access to secured electronic data, the method comprising th e steps of : 

submitting r eceiving a request for access to the secured electronic data te-bv a 
controller associated with the secured electronic data; 

comparing, at the controller, one or more attributes of the access candidate with 
one or more access requirements associated with the secured electronic data; 

submitting, by the controller, a request for authorization to a resolution authority 
when the i n response to a comparison that i ndicates that access by the access candidate is 
prohibited without authorization; 

the resolution authority processin g, by the resolution authority, access candidate 
information and request related information and determining whether to authorize the 
access candidate's access to the secured electronic data; and 
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granting or denying by the controller, in whole or in part, the access candidate 

access to the secured electronic data based at least in part on the resolution authority's 

determination. 

25. (currently amended) The method as in Claim 24, further comprising the 
st e p of granting the access candidate access to the secured electronic data when tho in 
response to a comparison that indicates that access by the access candidate is not 
prohibited. 

26. (original) The method as in Claim 24, wherein one or more access 
requirements are represented as part of a graphical display associated with the access 
candidate and accessed for display to the controller via a network. 

27. (original) The method as in Claim 24, wherein one or more access 
requirements are related to at least one of a citizenship status and a current location of the 
access candidate. 

28. (original) The method as in Claim 27, wherein one or more attributes 
of the access candidate includes at least one of a citizenship status and a current location 
of the access candidate. 

29. (currently amended) A method for determining an access candidate's 
access to secxwed electronic data, the method comprising the st e ps of : 
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submitting r eceiving a request for access to the secured electronic data te-bv a 
controller associated with the secured electronic data; 

comparing, at the controller, one or more attributes of the access candidate with 
one or more access requirements associated with the secured electronic data; 

granting the access candidate access to the secured electronic data when the in 
response to a comparison that i ndicates that access by the access candidate is not 
prohibited; and 

submitting, by the controller, a request for authorization to a resolution authority 
when the in response to a comparison that indicates that access by the access candidate 
is prohibited without authorization and performing the following steps: 

the r e solution authority processing , by the resolution authority, access candidate 
information and request related information and determining whether to authorize the 
access candidate's access to the secured electronic data; and 

granting or denying by the controller, in whole or in part, the access candidate 
access to the secured electronic data based at least in part on the resolution authority's 
determination. 

30. (currently amended) In a data security system having a first security 
level securing one or more resources for manipulating electronic data and a second 
security level securing access to the electronic data by the one or more resources, a 
method for determining an access candidate's access to the electronic data, the method 
comprising the st e ps of : 




-receiving a request for access to the first security level; 
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determining the access candidate's access to the first security level based on a 

comparison of one or more attributes of the access candidate with one or more access 

requirements associated with the first security level; 

submitting r eceiving a request for access to the second security level; and 

submitting a request for authorization to a resolution authority wh e n the i n 

response to a comparison of one or more attributes of the access candidate with one or 

more access requirements associated with the second security level that indicates that 

access to the second security level by the access candidate is prohibited without 

authorization and determining by the resolution authority the access candidate's access to 

the second security level. 

3 1 . (currently amended) The method as in Claim 30, further comprising tb© 
step-ef granting the access candidate access to the second security level when the in 
response to a comparison of one or more attributes of the access candidate with one or 
more access requirements associated with the second security level that indicates that 
access to the second security level by the access candidate is not prohibited. 

32. (currently amended) The method as in Claim 30, further comprising the 
step of denying the access candidate access to the second security level wh e n if the 
resolution authority denies authorization. 
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33. (original) The method as in Claim 30, wherein one or more attributes 
of the access candidate is represented as part of a graphical display associated with the 
access candidate and accessed for display via a network. 



requirements associated with the first security level relates to at least one of: a valid data 
access agreement with the access candidate; a current location of the access candidate; 
and a citizenship status of the access candidate. 

35 . (original) The method £is in Claim 34, wherein one or more attributes 
of the access candidate relates to at least one of: an indication of whether the access 
candidate has a data access agreement; a current location of the access candidate; and a 
citizenship status of the access candidate. 

36. (original) The method as in Claim 30, wherein one or more access 
requirements associated with the second security level relates to at least one of a current 
location of the access candidate and a citizenship status of the access candidate. 

37. (original) The method as in Claim 30, wherein at least one of the 
request for access to the first security level and the request for access to the second 
security level is submitted by one or more sponsors. 



34. 



(original) 



The method as in Claim 30, wherein one or more access 
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